Twitter said it identified and fixed the cross site scripting flaw that led to meltdown on Tuesday a month ago, only to undo this fix with a later web site update.
The revamp - which reintroduced a flaw that meant JavaScript could be injected into Tweets - was unrelated to the recent introduction of New Twitter. The cross-site …

In what way was it an "attack"?

There was no signal to disrupt with the noise.

I'm sure there were some engineers on shift, but anyone with a high enough pay grade to actually make a decision about deploying a fix would be either snoozing or too busy trying to figure out how to actually make some money off of Twitter.